Friday, April 5, 2013

Windows forensics (1)

Windows Forensics Toolchest (WFT) is an interesting and easy-to-use set of forensics tools suitable for use on a live Windows system. You should prepare the tools for each Windows version separately, along with common tools such as the Sysinternals suite. Native Windows tools such as cmd.exe are better copied from a trusted source other than the target system. The feature set is available here.

